Privacy Harms

Understanding privacy harms

What’s at risk when privacy is violated? How can you determine whether a process, service, or project could cause a privacy problem? The following sections describe the types of activities that can be associated with privacy harms and ways to prevent these problems.

If you anticipate or identify possible privacy harms, read IU’s Privacy Principles to learn how you can address these concerns or contact privacy@iu.edu for assistance.

There are many theorists who have worked to identify and classify privacy harms. One of the first was Alan F. Westin in his classic book, Privacy and Freedom, published in 1967. The information on this page is adapted from Professor Westin's work and also Professor Daniel J. Solove's "Taxonomy of Privacy," described in his book Understanding Privacy, published in 2008.

Types of privacy harms

Consider the following privacy harms, particularly related to interactions with individuals whose information is collected, used, disclosed, and retained by Indiana University. Is it possible that your actions could be viewed as harmful?

Information collection

What the individual might think:

“They are collecting information about what I am doing -- more than they should!”

Indiana University must collect information in order to perform its mission activities. Although not all collection is harmful, information collection can constitute a harmful activity.

What types of information collection can be considered harmful?

Examples of information collection activities that can lead to privacy harms:

Are you doing something with your process, service, or project that could be seen as too much information collection?

Are you collecting information you don’t really need?

Be aware that whether you look at or use the information is not the critical question; the fact that you are collecting it is in itself a concern.

What might you do to address these concerns? For more ideas, visit the Privacy Principles.

Information processing

What the individual might think:

“They have a lot of data about me, and they are storing, manipulating, and using it!”

Indiana University must process information in order to perform its mission activities. Although not all processing is harmful, information processing can constitute a harmful activity. This is especially true when the processing results in an incorrect assumption, and is used as the basis for making a (wrong) decision concerning an individual.

What types of information processing can be considered harmful?

Examples of information processing activities that can lead to privacy harms:

Aggregation — combining pieces of information about an individual that were collected from different sources

Secondary use — use of collected information for a purpose different from the use for which it was collected, without the individual’s consent

Exclusion — using data to exclude an individual, especially if the data was incorrect or interpreted incorrectly

How can I minimize the risk of harms from information processing?

Things to consider:

Are you doing something with your process, service, or project that could be seen as an information processing harm?

Information processing can be helpful when it "personalizes" and gives better service. But it can invade privacy when it goes too far or is used in ways that break commonly accepted norms.

Are you keeping information long after you are finished with it? This can make it vulnerable to processing harms.

Privacy is a balancing act. Individuals are going to balance the gains from using your service with the potential privacy harms. Some may choose not to use your service because they don’t know how you will process their information.

What might you do to address your users’ concerns? For more ideas, visit the Privacy Principles.

Information dissemination

What the individual might think:

“They spread or transfer information about me — more than I think they should!”

Indiana University often must disseminate or share information in order to perform its mission activities. Although not all dissemination is harmful, information dissemination is one of the most commonly performed harmful activities.

What types of information dissemination can be considered harmful?

Examples of information dissemination activities that can lead to privacy harms:

Invasion

What the individual might think:

“They come into my space and contact me, or tell me what to do!”

Indiana University communicates with individuals every day using a multitude of digital and paper methods, but invasion can occur physically as well, and IU manages many physical spaces that serve both public and personal purposes. Invasion infringes directly on the individual, and is a serious privacy harm.

What types of activities are considered invasive?

Examples of invasion:

Invasions into private affairs

Invasive acts that disturb an individual’s tranquility or solitude

Decisional interference — entering into an individual’s decisions regarding his or her private affairs

Unwanted email —unwanted communications into an individual’s personal space, including his or her email inbox, is considered an invasion.

Unwanted phone calls — entering into an individual’s personal space by calling his or her personal phone number (especially if it is a mobile phone)

Entering a room without knocking

How can I minimize the risk of harms from invasion?

Things to consider:

Are you doing something with your process, service, or project that could be seen as a privacy invasion?

Are you sending digital communications to personal email inboxes?

Are you calling personal phone numbers?

What might you do to address this concern of your users? For more ideas, visit the Privacy Principles.